tyler.durden
/
icingaweb2
mirror of https://github.com/Icinga/icingaweb2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix too greedy __SELF__ login redirect on XHR 

I introduced this bug some commits earlier. We only must redirect to __SELF__ on XHR
if a redirect URL was set.

refs #8626
This commit is contained in:
Eric Lippmann 2015-03-12 00:57:03 +01:00
parent 2f752ed1ac
commit 749957c3b4
1 changed files with 6 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
library/Icinga/Web/Controller/ActionController.php
View File

@ -295,9 +295,9 @@ class ActionController extends Zend_Controller_Action
/**
* Redirect to login
*
* XHR will always redirect to __SELF__. __SELF__ instructs JavaScript to redirect to the current window's URL
* if it's an auto-refresh request or to redirect to the URL which required login if it's not an auto-refreshing
* one.
* XHR will always redirect to __SELF__ if an URL to redirect to after successful login is set. __SELF__ instructs
* JavaScript to redirect to the current window's URL if it's an auto-refresh request or to redirect to the URL
* which required login if it's not an auto-refreshing one.
*
* XHR will respond with HTTP status code 403 Forbidden.
*
@ -307,7 +307,9 @@ class ActionController extends Zend_Controller_Action
{
$login = Url::fromPath('authentication/login');
if ($this->isXhr()) {
$login->setParam('redirect', '__SELF__');
if ($redirect !== null) {
$login->setParam('redirect', '__SELF__');
}
$this->_response->setHttpResponseCode(403);
} elseif ($redirect !== null) {
if (! $redirect instanceof Url) {